package com.itheima.demo;

import com.itheima.pojo.User;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service;

import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;

@Service
public class SecurityUserService implements UserDetailsService {

    @Autowired
    private BCryptPasswordEncoder bCryptPasswordEncoder;

    private HashMap map = new HashMap();

    //将map作为数据库来用，使用initData()方法来map
    public void initData(){
        User user1 = new User();
        user1.setUsername("JOJO");
        user1.setPassword(bCryptPasswordEncoder.encode("star"));

        User user2 = new User();
        user2.setUsername("DIO");
        user2.setPassword(bCryptPasswordEncoder.encode("dioDa"));

        map.put(user1.getUsername(),user1);
        map.put(user2.getUsername(),user2);

    }

    /**
     *
     * @param username :username即登陆页面用户提交的用户名
     * @return :返回一个由提供的UserDetails容器
     * @throws UsernameNotFoundException
     */
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {

        //初始化map，将map作为数据库来使用
        initData();
        //当用户登录时，会将username传递进来，此时模拟使用username从数据库查询到user.
        User user = (User) map.get(username);

        /**
         * 开始授权：后期需要改为查询数据库动态获得用户拥有的权限和角色
         * 规则：
         *      小写的字符串是用来进行授权的
         *      大写的字符串是用来设置角色的，并且都要添加一个ROLE_前缀
         */
        List<GrantedAuthority> list = new ArrayList<>();

        /*//1.只要登陆成功就可以访问
        list.add(new SimpleGrantedAuthority("ROLE_ADMIN"));*/

        //给JOJO添加add权限  add与ROLE_MANAGER的权限是属于平行关系
        if("JOJO".equals(user.getUsername())){
            //给JOJO添加 add 角色
            //list.add(new SimpleGrantedAuthority("add"));

            //给JOJO添加 ROLE_MANAGER 角色
            list.add(new SimpleGrantedAuthority("ROLE_MANAGER"));

            //给JOJO添加 ADMIN_ADMIN 角色
            list.add(new SimpleGrantedAuthority("ROLE_ADMIN"));

            //给JOJO添加 ROLE_XXX 角色 XXX为配置文件中对应的角色
            list.add(new SimpleGrantedAuthority("ROLE_XXX"));

        }

        //声明使用明文密码
        //String password = "{noop}"+ user.getPassword();

        //将用户名、密码和权限授权对象封装到security框架提供的User中
        org.springframework.security.core.userdetails.User detailUser =
                new org.springframework.security.core.userdetails.User(user.getUsername(), user.getPassword(), list);

        return  detailUser;
    }
}
